CVE-2025-14751 Unverified Password Change in Weintek cMT X Series HMI EasyWeb Service

🗓️ 22 Jan 2026 21:42:50Reported by icscertType

Low-privileged user can bypass credentials in Weintek cMT X Series EasyWeb, enabling privilege escalation.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2025-14751	22 Jan 202621:42	–	attackerkb
Circl	CVE-2025-14751	22 Jan 202611:00	–	circl
CNNVD	Weintek cMT X Series security vulnerabilities	22 Jan 202600:00	–	cnnvd
CVE	CVE-2025-14751	22 Jan 202621:42	–	cve
EUVD	EUVD-2025-206327	23 Jan 202600:31	–	euvd
NVD	CVE-2025-14751	22 Jan 202622:16	–	nvd
Positive Technologies	PT-2026-4279	22 Jan 202600:00	–	ptsecurity
RedhatCVE	CVE-2025-14751	24 Jan 202603:17	–	redhatcve
Vulnrichment	CVE-2025-14751 Unverified Password Change in Weintek cMT X Series HMI EasyWeb Service	22 Jan 202621:42	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "cMT3072XH",
    "vendor": "Weintek",
    "versions": [
      {
        "lessThan": "20241112",
        "status": "affected",
        "version": "20200630",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "cMT3072XH(T)",
    "vendor": "Weintek",
    "versions": [
      {
        "lessThan": "20241112",
        "status": "affected",
        "version": "20200630",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "cMT-SVRX-820",
    "vendor": "Weintek",
    "versions": [
      {
        "lessThan": "20240919",
        "status": "affected",
        "version": "20220413",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "cMT-CTRL01",
    "vendor": "Weintek",
    "versions": [
      {
        "lessThan": "20250827",
        "status": "affected",
        "version": "20230308",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
cisa	www.cisa.gov/news-events/ics-advisories/icsa-26-022-05

22 Jan 2026 21:42Current

CVSS 48.7

EPSS0.00034

CWE-620